Netscape MANAGEMENT SYSTEM 6.0 - COMMAND-LINE Manual page 81

Table 12-1 Description of options and arguments (Continued)
-D
-H
Argument
-a
keydir
-d
exp
-e
-f noise-file
-h tokenname
-k shortkeyID
Delete a private key from a key database. Specify the key to delete with the -k
argument. Specify the database from which to delete the key with the -d
argument.
Use the -t argument to specify explicitly whether to delete a DSA or an RSA
key. If you do not use the -t argument, the option looks for an RSA key
matching the shortkeyID.
When you delete keys, be sure to also remove any certificates associated with
those keys from the certificate database, by using the Certificate Database Tool.
Some smart cards (for example, the Litronic card) do not let you remove a public
key you have generated. In such a case, only the private key is deleted from the
key pair. You can display the public key with the command keyutil -L -h
tokenname.
Display a list of the options and arguments used by Key Database Tool.
Description
List the RSA keys of all tokens when listing keys in the database.
Specify a directory containing a key database file. On Unix Key Database Tool
defaults to $HOME/.netscape (that is, ~/.netscape
the default is the current directory.
The key3.db and cert7.db database files must reside in the same directory.
Set an alternate exponent value to use in generating a new RSA public key for
the database, instead of the default value of 65537. The available alternate
values are 3 and 17.
Read a seed value from the specified binary file to use in generating a new RSA
private and public key pair. This argument makes it possible to use
hardware-generated seed values and unnecessary to manually create a value
from the keyboard. The minimum file size is 20 bytes.
Specify the name of a token to act on. Unless otherwise specified, the default
token is an internal slot (specifically, internal slot 2). An internal slot is a virtual
slot maintained in software, rather than a hardware device. Internal slot 2 is
used by key and certificate services. Internal slot 1 is used by cryptographic
services.
Use the Module Database Tool (modutil -list) to get a list of token names in
the module database.
Specify a private key by using the key identifier. You can use the complete
keyID (as shown by the -L option), or the shortkeyID. The shortkeyID is the
first few bytes of the keyID, starting from the second byte, with a length
sufficient to identify it uniquely. If you specify a shortkeyID that is not unique,
the first private key that matches the shortkeyID is found.
),
and on Windows NT
Chapter 12 Key Database Tool
Syntax
81